Tanay Shandilya
@tanayshandilya
Diligent cybersecurity consultant with expertise in risk management.
What I'm looking for
I am a diligent and strategic security professional with over 5 years of experience in governance, risk management, and compliance management across both cloud and on-premises infrastructures. My career has been defined by my ability to implement critical compliance frameworks such as GDPR, ISO 27001, and SOC 2, ensuring organizations not only meet regulatory requirements but also enhance their overall security posture.
In my current role as a Senior Consultant I at Aujas Cybersecurity Limited, I lead end-to-end evidence gathering for SOC 2 Type 2 examinations, ensuring comprehensive audit readiness. My proactive approach has allowed me to identify and address control gaps effectively, contributing to successful audits with minimal findings. I am passionate about continuous improvement and have a proven track record of enhancing client security through detailed analysis and recommendations.
Throughout my career, I have developed a robust skill set that includes conducting Business Impact Assessments, implementing essential control sets, and managing compliance for various standards. My experience spans multiple organizations, including Deloitte and Scrut Automation, where I have honed my expertise in cybersecurity advisory services and risk management.
Experience
Work history, roles, and key accomplishments
Senior Consultant I - Cybersecurity Advisory Services
Aujas Cybersecurity Limited
May 2024 - Present (1 year 1 month)
Led end-to-end evidence gathering for SOC 2 Type 2 examinations, ensuring comprehensive audit readiness and proactively addressing control gaps. Drove remediation of SOC 2 audit findings by identifying root causes and implementing effective compensating controls. Contributed to continuous improvement of client security posture by analyzing audit results and recommending control enhancements.
Consultant - Cyber Risk Advisory
Deloitte Touche Tohmatsu Limited
Sep 2023 - Jan 2024 (4 months)
Performed Business Impact Assessment, Privacy Impact Assessment, and High Level Assessments. Implemented essential control sets for security gaps and developed policies, gap assessment criteria, and application-specific controls. Conducted Business Continuity / Disaster Recovery assessments and refined the Unified Control Framework.
InfoSec Delivery Consultant – Customer Success
Scrut Automation
May 2023 - Sep 2023 (4 months)
Conducted ISO/SOC 2/PCI DSS gap assessments and developed policies and procedures for multiple startups. Conducted internal audits and managed SOC 2 external audits. Also conducted employee awareness training and Board Security Meetings.
Consultant - Cyber Risk Advisory
Deloitte Touche Tohmatsu Limited
Oct 2021 - May 2023 (1 year 7 months)
Provided Advisory and Assurance Services, including developing Gap Assessment guidance and questionnaires. Implemented control sets and performed audit report reviews. Performed Business Impact Assessment, Privacy Impact Assessment, and High Level Assessments.
Cloud Security Professional
MoreYeahs IT Technologies Pvt.Ltd
Feb 2021 - Sep 2021 (7 months)
Implemented DSPT3, GDPR, and CE+ compliance, along with ISO 27001 controls companywide. Developed policies, procedures, and baselines for the company. Conducted BC/DR practices and tests, as well as employee awareness training and internal audits.
Cloud Security Professional
REOFT Technologies Pvt.Ltd
May 2019 - Dec 2020 (1 year 7 months)
Collaborated with security architects to develop cloud security frameworks and identified opportunities for enterprise-wide improvements. Provided thought leadership on cloud usage strategy, monitoring, alerting, reporting, and blocking. Examined cloud security practices, identified key risks, and executed programs to address them.
Cloud Solutions Architect
REOFT Technologies Pvt.Ltd
Mar 2018 - May 2019 (1 year 2 months)
Worked with distributed computing architecture and developed scalable, fault-tolerant cloud architectures. Ensured testing and continuous integration were crucial parts of deployments. Supported team building and onboarding efforts through mentoring contributions, and created automation for cloud platforms, monitoring, and alerting.
Education
Degrees, certifications, and relevant coursework
Shri Vaishnav Institute of Technology and Science
Bachelor of Engineering, Electronics and Communication
Grade: 6.78 CGPA
Graduated with a CGPA of 6.78. Studied Electronics and Communication.
Tech stack
Software and tools used professionally
Availability
Location
Authorized to work in
Website
tanayshandilya.comJob categories
Interested in hiring Tanay?
You can contact Tanay and 90k+ other talented remote workers on Himalayas.
Message TanayFind your dream job
Sign up now and join over 100,000 remote workers who receive personalized job alerts, curated job matches, and more for free!
